IPsec DOI v7 - comment
"Elfed T. Weaver" <weaver@hydra.dra.hmg.gb> Thu, 05 March 1998 12:12 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id HAA22117 for ipsec-outgoing; Thu, 5 Mar 1998 07:12:03 -0500 (EST)
Message-Id: <199803051226.HAA07188@relay.rv.tis.com>
Comments: Authenticated sender is <weaver@hydra.dra.hmg.gb>
From: "Elfed T. Weaver" <weaver@hydra.dra.hmg.gb>
Organization: DERA
To: ipsec@tis.com
Date: Thu, 05 Mar 1998 12:23:24 +0000
MIME-Version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Subject: IPsec DOI v7 - comment
CC: ddp@network-alchemy.com
X-mailer: Pegasus Mail for Win32 (v2.54)
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
Section 4.4.1 of ipsec-doi-v7 states :- The ISAKMP proposal syntax was specifically designed to allow for the simultaneous negotiation of multiple security protocol suites within a single negotiation. As a result, the protocol suites listed below form the set of protocols that can be negotiated at the same time. It is a host policy decision as to what protocol suites might be negotiated together. The following table lists the values for the Security Protocol Identifiers referenced in an ISAKMP Proposal Payload for the IPSEC DOI. Protocol ID Value RESERVED 0 PROTO-ISAKMP 1 PROTO-IPSEC-AH 2 PROTO-IPSEC-ESP 3 PROTO-IPCOMP 4 Q. When is it possible to negotiate a PROTO-ISAKMP SA AND PROTO-IPSEC-* SA "at the same time" Is it not the case that : PROTO-ISAKMP is negotiated in phase 1 ONLY and PROTO-IPSEC-* negotiated in phase 2 ONLY - Elfed **************************************************** "The views expressed above are entirely those of the writer and do not represent the views, policy or understanding of any other person or official body." Elfed T. Weaver DERA Malvern UK weaver@hydra.dra.hmg.gb ****************************************************
- IPsec DOI v7 - comment Elfed T. Weaver
- Re: IPsec DOI v7 - comment Derrell D. Piper
- IPsec DOI v7 - comment Ben Rogers